|
SOCIAL AND ECONOMIC SYSTEMS MANAGEMENT
Conception of organizational building a protected information system of a business
A. R. Gazizov Don State Technical University
Abstract:
The article discusses the concept of organizational formation of the protected information system of a commercial enterprise. The content and classification of information resources, subject to the characteristics of the trading activities, information about customers, employees, communicative, general, financial and legal data have been given; the level of importance has been revealed. The basic principles of creating the protected information system in terms of specificity of a commercial enterprise (continuity, integrity, systemacy, legitimacy) have been formulated. Taking into account the specified principles, the thematic content of requirements to the protected information system has been determined: centralization, planning, preciseness, purposefulness, activity, reliability, flexibility, originality, openness, economic efficiency. There are given recommendations to building a secure information system, which include easy maintenance and transparency for users of the mechanisms of the information system protection; a minimum set of privileges for users; ability to disable the security mechanisms of information system in the critical circumstances; independence of protection mechanisms from the information system; assumptions about the worst intentions and potential users’ errors; minimization of information about existing mechanisms of information system protection. It has been determined that the information system protection includes two components: organizational and administrative (including the internal documents regulating the issues of protection) and technical (including the subsystems of anti-virus protection, back up and archiving, email security, intrusion detection, protection of data transmission channels, identification and authentication of users); their functional purpose being analyzed. The purpose and content of security policy of information system were determined as a theoretical basis of organizational and administrative components of the protection system. It has been inferred about the universality of the presented method providing secure communication for the users of a business.
Keywords:
information system; information interaction; information resources; information; classification of information resources; information carriers; principles of creating information systems; components of protection systems, means of information and communication technologies; importance of information resources; business; requirements to the information system.
Received: 29.12.2017
Citation:
A. R. Gazizov, “Conception of organizational building a protected information system of a business”, Vestn. Astrakhan State Technical Univ. Ser. Management, Computer Sciences and Informatics, 2018, no. 2, 110–116
Linking options:
https://www.mathnet.ru/eng/vagtu536 https://www.mathnet.ru/eng/vagtu/y2018/i2/p110
|
|